Skip to content
Ad Fraud Calculator Calculate Your Loss
Have Questions? 888-337-0641
5 min read

Ad Fraud and VPNs: What You Should Know

Featured Image

There are many tools that fraudsters use in their schemes to take money from your company’s online advertising campaigns. Even legitimate technology solutions that are meant to help consumers can be twisted into tools for fraud.

For example, virtual private networks (VPNs) are often used by fraudsters to help them hide their attempts at defrauding you of your ad revenue. Here’s a quick explanation of what VPNs are, how crooks use them for ad fraud schemes, and how you can protect your online advertising efforts from fraud even when VPNs are in use.

Ensure genuine user engagement with Anura

What Is a VPN?

A VPN is a service that consumers can use to anonymize their web traffic to make it harder for others to intercept and track their online activity. Instead of connecting directly with whatever websites or resources they want to use, a virtual private network user first connects to a VPN service provider’s data center and then that data center connects the user to the other resource they want to use.

By passing their traffic through a VPN, your website’s visitors can hide their IP address from you—the address you see would be that of the VPN service instead of the visitor’s actual IP address. Additionally, many VPNs offer extra services like encryption, which helps to protect the data passed through a VPN connection.

How VPNs Can Be Used for Ad Fraud

While VPNs have many legitimate uses for both businesses and individuals, the ability to hide the origin point of web traffic is also useful for those with more nefarious purposes. Namely, for committing ad fraud. In this way, VPNs can end up joining bots as one of the common ad fraud tools used by fraudsters.

1. Obfuscating Ad Fraud Activity

The most obvious use of VPNs in ad fraud schemes is for the fraudster to hide where their fraudulent traffic is coming from. This makes it tougher for you to identify the source of the fraud—allowing the fraudster to carry out their scheme for longer without the risk of being caught. The longer they can go undetected, the more money they can take from you.

However, this isn’t the only way that fraudsters can use VPNs in their schemes.

2. Using “Free” VPNs to Spread Ad Fraud Malware

Some of the more prolific fraudsters might actually create so-called “free” VPNs to distribute to unsuspecting victims on the internet. As noted by vpnMentor, “there are some VPNs that actually contain malware.”

By creating a “free” VPN loaded with ad fraud enabling malware and sharing it with countless unsuspecting victims that think they’re getting free protection, a fraudster could easily create a massive network of zombie bots (a.k.a. a botnet) and use it to conduct large-scale ad fraud.

In many cases, the users of the free VPN will never know that their devices have been compromised with ad fraud software. They may see warning signs like an increased number of software crashes, high interface lag, or unknown programs preventing device shutdown (for example, “Windows/iOS/Linux is waiting for ‘X’ program to close” type messages).

3. Stealing Real User Data for Form Bot Fraud

Another type of malware that so-called “free” VPNs might install would be malware designed to track online activity and log the user’s keystrokes. This is an especially ironic situation considering that VPNs are supposed to make it more difficult to track your online activity.

Fraudsters can use this to commit all kinds of identity theft. The major threat for businesses is that fraudsters can use this malware to capture consumer data and then use it in their fake lead generation fraud schemes.

Basically, the fraudster captures the free VPN user’s data on other websites as they log in or fill out forms, then add that information to their form bot programs to use when creating fake leads in their lead gen fraud schemes. Because the data is based on activity from real people as they use the internet while under the dubious protection of their free VPNs, it will appear to be real when the information is plugged into your website’s lead capture forms.

The Problem with VPNs and IP Address Blocking

There are many ways to fight ad fraud—and not all of them are equally effective. In fact, some techniques that used to be effective have since become ineffective or outright counterproductive because of advancements in the technology and techniques used by fraudsters.

Take, for example, IP address blocking. Many years ago, being able to track the IP addresses of malicious actors and block them was an effective way to stop cyberattacks and generic ad fraud. By blocking the IP address of the fraudster, you would cut them off from being able to access your website and resources—keeping them from clicking on your ads or fraudulently filling out forms.

Today, IP address blocking is no longer effective and shouldn’t be relied on as a primary ad fraud prevention strategy. Here are a couple of the problems with IP address blocking that VPNs introduce:

  • VPNs make it too easy for fraudsters to change their IP addresses. 
    If you block a fraudster’s IP address, they can simply change their IP address using their VPN service and render the address block ineffective. No matter how many times you block the new VPN IP address, the fraudster will always have more to draw upon.

  • You may end up blocking good traffic along with the bad. 
    As consumers become increasingly security-conscious, VPNs are expected to see more widespread use. According to net, as of the start of 2022, “31% of internet users worldwide have used a VPN service.” By blocking the IP address of a VPN service to stop one fraudster, you also block all of the legitimate customers who also use that VPN.

VPNs that work using residential proxies make this even worse, since you would be blocking legitimate IP addresses for activity that the owner of the proxy IP address wouldn’t even know about—and it’s not like they could turn off their VPN since the block was based on their actual IP address!

How to Stop Fraudsters Even When They Use VPNs

So, how can you stop ad fraud when the fraudster is using a VPN service to hide where the fraudulent activity is coming from? By using an ad fraud solution that goes beyond IP address tracking to identify fraudulent activity based on website visitor behaviors!

Using any single visitor metric to try to accurately identify fraud will always be a problem since fraudsters can quickly modify their schemes to trick a one-note ad fraud check. Whether that’s by changing their IP address to avoid a blacklist, programming delays into bots to thwart time-on-page-based bot filters, or even programming bots to bypass CAPTCHA tests, fraudsters have proven time and again that unsophisticated tools just aren’t enough to counter ad fraud schemes.

This is where an ad fraud solution that performs a deep analysis of your website traffic can prove invaluable. For example, the Anura ad fraud solution measures hundreds of data points about each of your website visitors.  It knows how that data is supposed to look and how each data point interacts with each other. Using this information, the ad fraud solution can identify fraudulent activity without making false positives—regardless of how well the fraudster hides their real IP address.

Because the ad fraud analysis isn’t based on a single vanity metric, you can be confident that the activity flagged as fraud actually is fraud. Additionally, Anura provides you with the data that was used to positively identify the fraud so you can confront the fraudsters behind it directly if you need to.

This, in turn, helps you avoid wasting money on fraudulent activity—which also improves your ROI for your ad spend since more of your budget will be going to real prospects instead of lining the pockets of a fraudster!

Why pay fraudsters for wasting your time with fake leads? Start protecting your ad campaigns from advanced ad fraud techniques today!

New call-to-action